Container Escape Vulnerability in Dell VxRail Product
CVE-2022-46756

8.2HIGH

Key Information:

Vendor: Dell
Status: Vxrail Hci
Vendor: CVE Published:; 1 February 2023

What is CVE-2022-46756?

Dell VxRail versions prior to 7.0.410 are susceptible to a Container Escape vulnerability, allowing local attackers with high privileges to potentially execute arbitrary OS commands on the underlying operating system of the container. This exploitation could enable attackers to gain control over the system, posing significant security risks for affected environments. It is crucial for users to review their VxRail installations and apply the necessary updates to mitigate this exposure.

Affected Version(s)

VxRail HCI 0 < 7.0.410

References

https://www.dell.com/support/kbdoc/000206943

vendor-advisory

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 1, 2023
Vulnerability Reserved
Dec 7, 2022

CVE-2022-46756 Data

JSON